# RedFlag Directory Structure Discovery & Questions

## Current State (Inconsistent)

### Installer Template (`linux.sh.tmpl`)
- **User**: `redflag-agent`
- **Home**: `/var/lib/redflag-agent`
- **Config**: `/etc/redflag`
- **Systemd ReadWritePaths**: `/var/lib/redflag-agent` `/etc/redflag` `/var/log/redflag`

### Agent Code (`main.go`)
- **Config Path**: `/etc/redflag/config.json` ✓ (matches installer)
- **State Path**: `/var/lib/redflag` ✗ (should be `/var/lib/redflag-agent`)

### Migration System
- **Backup Path**: `/var/lib/redflag/migration_backups` ✗ (not in ReadWritePaths)
- **Detection**: Looks for old paths like `/etc/aggregator`, `/var/lib/aggregator`

## Questions for Design Decision

### 1. Single vs Separate Directories
Should the agent use:
- **Option A**: `/var/lib/redflag` (shared with server if on same machine)
- **Option B**: `/var/lib/redflag-agent` (separate, current installer approach)
- **Option C**: `/var/lib/redflag/agent` (nested structure)

### 2. Windows Compatibility
- Windows uses `C:\ProgramData\RedFlag\` - should it be `C:\ProgramData\RedFlag\Agent\`?

### 3. Same-Machine Server+Agent
If server and agent are on same machine:
- Should they share `/var/lib/redflag`?
- Or keep separate: `/var/lib/redflag-server` and `/var/lib/redflag-agent`?

### 4. Migration Compatibility
Current migration looks for:
- Old: `/etc/aggregator`, `/var/lib/aggregator`
- New: ???

### 5. Sudoers Permissions
Current sudoers only allows package manager commands. Should we add:
- `mkdir` permissions for migration backups?
- Or avoid needing sudo for migrations entirely?

## Recommended Approach

### Option B (Separate Directories) - Current Installer Path
- **Pros**: Clear separation, no conflicts if server+agent on same machine
- **Cons**: Inconsistent with current agent code

### Changes Needed for Option B:
1. Fix `getStatePath()` in `main.go` to return `/var/lib/redflag-agent`
2. Update migration backup path to use agent's home directory
3. Ensure Windows paths are consistent
4. Document the directory structure

### Option A (Shared Directory) - Current Agent Code Path
- **Pros**: Simpler structure, matches current agent code
- **Cons**: Potential conflicts if server+agent share machine

### Changes Needed for Option A:
1. Update installer to use `/var/lib/redflag` instead of `/var/lib/redflag-agent`
2. Update systemd ReadWritePaths
3. Update sudoers if needed
4. Ensure proper subdirectory organization

## Legacy Compatibility

v0.1.18 and earlier used:
- Config: `/etc/aggregator`
- State: `/var/lib/aggregator`

Current migration system handles this, but we need to decide the NEW canonical paths.

## Next Steps

Please advise on preferred approach:
1. **Option A**: Shared `/var/lib/redflag` directory
2. **Option B**: Separate `/var/lib/redflag-agent` directory
3. **Option C**: Different approach
4. **Need more information**: [Please specify]